Re: [Int-area] [EXTERNAL] Re: [homenet] Evaluate impact of MAC address randomization to IP applications

"Lee, Yiu" <Yiu_Lee@comcast.com> Tue, 22 September 2020 22:38 UTC

From: "Lee, Yiu" <Yiu_Lee@comcast.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, Michael Richardson <mcr+ietf@sandelman.ca>, "captive-portals@ietf.org" <captive-portals@ietf.org>, "homenet@ietf.org" <homenet@ietf.org>, "int-area@ietf.org" <int-area@ietf.org>
Date: Tue, 22 Sep 2020 21:24:13 +0000
Message-ID: <0A436777-D9CE-4A4C-BE45-C8C2CAB9FBF6@comcast.com>
References: <20200922201317.097C3389D4@tuna.sandelman.ca> <15660.1600807202@localhost> <902400f2-9172-9581-25ab-59ad08e67bee@cs.tcd.ie> <D81695FF-973F-472D-BC0A-9B0F57278B21@comcast.com> <ca575a6b-987e-d998-2713-91e45190f5ea@cs.tcd.ie>
In-Reply-To: <ca575a6b-987e-d998-2713-91e45190f5ea@cs.tcd.ie>
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/Dpjl3rjMpgQqgUBULErW0mNH6G8>
Subject: Re: [Int-area] [EXTERNAL] Re: [homenet] Evaluate impact of MAC address randomization to IP applications
List-Id: IETF Internet Area Mailing List <int-area.ietf.org>

Noted and clear. Will keep this in mind in the next update.

Thanks,
Yiu

On 9/22/20, 5:18 PM, "Stephen Farrell" <stephen.farrell@cs.tcd.ie> wrote:


    Hiya,

    On 22/09/2020 22:08, Lee, Yiu wrote:
    > Hi Stephen,
    >
    > Thanks for the notes. Actually, we believe that there are good
    > privacy reasons to randomize mac-address. This BoF isn't trying to
    > "fix" randomized mac-address. On the contrary, we want the community
    > to embrace it. In order to ease the anxiety for transitioning, we
    > want to document what may break and propose best practice to
    > transition to dynamic mac-address.

    Sure, I get that. However, we've seen a number of these
    efforts start thusly but end up being perceived to be
    partly trying to unwind the privacy benefits, so I think
    a good way to avoid that mis-perception is to also present
    the reasons for (in this case, MAC address randomisation)
    as fully as the description of the challenges caused.

    Cheers,
    S.


    >
    > Thanks, Yiu
    >
    >
    > On 9/22/20, 4:51 PM, "Int-area on behalf of Stephen Farrell"
    > <int-area-bounces@ietf.org on behalf of stephen.farrell@cs.tcd.ie>
    > wrote:
    >
    >
    > That agenda and draft seem to make the seemingly common enough
    > mistake of only focusing on what a new privacy or security mechanism
    > breaks and glossing over the good reasons why people introduce these
    > mechanisms. I hope the BoF proponents fix that because otherwise they
    > may end up giving the impression that they would prefer to not see
    > the privacy benefits (which I'd guess is not their goal at all). One
    > reason those good reasons need to be included is that they constrain
    > the kinds of additions that might make sense to better handle the new
    > mechanism.
    >
    > We've seen a number of these kinds of reactions and I figure it'd
    > really be better if the reaction were not to appear purely
    > reactionary;-)
    >
    > If that were fixed, then there may be a better discussion of what, if
    > any, additional things need doing. If that is not fixed, I'd not be
    > surprised if the putative BoF were to devolve into a "it's bad" vs.
    > "no, it's good" bun fight that won't really take us further.
    >
    > Cheers, S.
    >
    > On 22/09/2020 21:40, Michael Richardson wrote:
    >>
    >> Damn. Spelt captive-portal without the s again.  Reposting, sorry
    >> for duplicates. I hate when WG names and list names do not match,
    >> and that we can't have aliases. And I think that reply-to gets
    >> filtered.
    >>
    >> Archived-At:
    >> <https://mailarchive.ietf.org/arch/msg/int-area/14Skgm84GslPZ9UcGoWY3uzmK6I>
    >> To: int-area@ietf.org, captive-portal@ietf.org, homenet@ietf.org
    >> From: Michael Richardson <mcr+ietf@sandelman.ca>
    >> Date: Tue, 22 Sep 2020 16:34:33 -0400
    >>
    >> This thread was started today on the INTAREA WG ML.
    >>
    >> While I don't object to a BOF, I don't know where it goes. What I
    >> see is that much of this problem needs to be resolved through
    >> increased use of 802.1X: making WPA-Enterprise easier to use and
    >> setup, thus changing core identity from MAC Address to IDevID.
    >>
    >> My understanding is that Apple intends to randomize MAC every 12
    >> hours, even on the same "LAN" (ESSID), and that they will just
    >> repeat the WPA authentication afterwards to get back on the
    >> network.   If the per-device unique policy (including CAPPORT
    >> authorization) can be tied to the device better, then the MAC
    >> address based "physical" exception can be updated.
    >>
    >> But, WPA-PSK doesn't work, because it does not, in general,
    >> distinguish between different devices.
    >>
    >> It can be made to work if every device is given a unique PSK, and
    >> there are some successful experiments doing exactly that.  Mostly
    >> it just works, but the challenge is communicating the unique PSK
    >> through an unreliable human. BRSKI can certainly do this, and it
    >> can leverage that unencrypted ESSID present at most hospitality
    >> locations to get onto the encrypted WPA-Enterprise.  Or BRSKI-TEEP,
    >> or some other BRSKI-EAP method.  The unencrypted SSID is not going
    >> away at those locations.
    >>
    >> Thus QR-code based methods are best, yet those do not work for many
    >> IoT devices.   EMU's EAP-NOOB can help in certain cases, but we, as
    >> a community need be clear on what direction we want to go.  One
    >> answer is that IoT devices have little reason to randomize their
    >> MAC if they are not generally ported.
    >>
    >>
    >> On 2020-09-22 3:49 p.m., Lee, Yiu wrote:
    >>> Hi team,
    >>>
    >>> We proposed a BoF. The agenda is in
    >>> https://github.com/jlivingood/IETF109BoF/blob/master/109-Agenda.md
    >>> and the proposal is in
    >>> https://github.com/jlivingood/IETF109BoF/blob/master/BoF-Proposal-20200918.md
    >>> . You can also find the draft here
    >>> https://tools.ietf.org/html/draft-lee-randomized-macaddr-ps-01
    >>> .
    >>>
    >>> At this stage, we are looking for inputs for more use cases and
    >>> interests of working together in this domain. Please post your
    >>> comments in the mailing list.
    >>>
    >>> Thanks
    >>>
    >>
    >>
    >> -- Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT
    >> consulting ) Sandelman Software Works Inc, Ottawa and Worldwide
    >>
    >>
    >> _______________________________________________ homenet mailing
    >> list homenet@ietf.org
    >> https://www.ietf.org/mailman/listinfo/homenet
    >
    >>
    >
    >
    >
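
The per-device PSK approach mentioned in the quoted thread, as an added example that is not part of the original messages: the access point checks the MIC of handshake message 2 against each enrolled device's key, so the key that verifies names the device whatever MAC address it currently uses. The SSID, device names, passphrases, MAC addresses and frame bytes are constructed, and the frame is a stand-in for a real EAPOL-Key message; the key derivation follows WPA2-PSK with HMAC-SHA1.

```python
import hashlib
import hmac
import os

SSID = "example-hospitality"            # constructed
AP_MAC = bytes.fromhex("02aabbccdd01")  # constructed
# Constructed per-device passphrases: one unique PSK per enrolled device.
PSKS = {"alice-laptop": "constructed-passphrase-one",
        "room12-tv": "constructed-passphrase-two"}

def pmk(passphrase, ssid=SSID):
    # WPA2-PSK: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096, 32 bytes)
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

PMKS = {device: pmk(p) for device, p in PSKS.items()}  # AP-side cache

def kck(pmk_, ap_mac, sta_mac, anonce, snonce):
    # First 16 bytes of the PTK (802.11 PRF, HMAC-SHA1, counter byte 0).
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    msg = b"Pairwise key expansion" + b"\x00" + data + b"\x00"
    return hmac.new(pmk_, msg, hashlib.sha1).digest()[:16]

def mic(kck_, frame):
    return hmac.new(kck_, frame, hashlib.sha1).digest()[:16]

def client_message2(passphrase, sta_mac, anonce):
    """Supplicant side: nonce, stand-in frame, and MIC for handshake message 2."""
    snonce = os.urandom(32)
    frame = b"constructed EAPOL-Key msg 2|" + snonce
    key = kck(pmk(passphrase), AP_MAC, sta_mac, anonce, snonce)
    return snonce, frame, mic(key, frame)

def identify_device(sta_mac, anonce, snonce, frame, got_mic):
    """AP side: return the device whose PSK verifies the MIC, else None."""
    for device, key in PMKS.items():
        expected = mic(kck(key, AP_MAC, sta_mac, anonce, snonce), frame)
        if hmac.compare_digest(expected, got_mic):
            return device
    return None

def join(passphrase, sta_mac):
    """Run one constructed handshake and return the identity the AP derives."""
    anonce = os.urandom(32)
    snonce, frame, got = client_message2(passphrase, sta_mac, anonce)
    return identify_device(sta_mac, anonce, snonce, frame, got)

if __name__ == "__main__":
    # Same device before and after a MAC rotation (constructed addresses).
    for mac_hex in ("3a5f10c4e201", "da7709b3f410"):
        print(mac_hex, "->", join(PSKS["alice-laptop"], bytes.fromhex(mac_hex)))
    print("unknown key ->", join("not-enrolled", bytes.fromhex("3a5f10c4e201")))
```

The station MAC still enters the key derivation, but only as the address in use for that handshake; policy can be keyed on the returned device name instead of the address.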